Covid-19 has impacted virtually all aspects of our lives, including the way we bank. In the UK, six million adults (or 12% of the population) downloaded an online banking app for the first time during the pandemic. Research also shows that the types of banks we use are also changing: currently, around 14 million Brits have at least one bank account with a digital bank and this number could increase by almost 10 million over the next 5 years! 

If we look to how we pay too, we can see shifts in behaviours. During the initial lockdown, 90% of face-to-face transactions made in April were contactless, and in July, there were 1.5 billion debit card transactions (20.8% more than in the previous month). In addition, findings from Lloyds Banking Group reveal how digital preferences amongst the over-65s — an age group traditionally reluctant to adopt online banking — are now converging with younger demographics.

As we continue to push toward a predominantly digital society, banks and financial organisations must continue to address growing types of fraud and cybercrime. According to UK Finance’s 2020 Half Year Report, the first half of 2020 saw a sharp rise in the number of impersonation scams, with almost 15,000 cases reported. This was largely down to opportunistic fraudsters cashing in on uncertainties surrounding the pandemic. As such, in 2021, financial organisations need to reassess their verification procedures in order to combat growing online security threats as more people bank online.

Taking a stand against identity fraud

As identity fraud continues to be a major concern for banks and financial organisations, it’s crucial that they are able to verify their online customers to ensure they are who they claim to be. Financial organisations will therefore need to shift from exclusively using data-based approaches of identity proofing (such as using credit bureau or census data) to document-centric identity proofing (using a government-issued ID and a selfie) to verify online users. With traditional authentication methods and data-based identity proofing, there is no way to know if a person logging in is the actual user or if it is someone using readily-available stolen information from the dark web. In 2021, financial enterprises will need to increasingly opt for document-centric identity verification to deter fraudulent login attempts. In fact, Gartner predicts that by 2022, 80% of organisations will be using document-centric identity proofing as part of their onboarding workflows, which is an increase from approximately 30% today.

Although the finance industry is working hard to tackle online fraud, it is vital that government regulators and other sectors continue to step up and play their part in detecting and preventing this criminal activity. This comes at a time when COVID-19 related scams have impacted 32% of people around the world and the National Audit Office has expressed concerns that the government could lose between £15 billion and £26 billion from the Bounce Back Loan Scheme. Government agencies will need to adapt to the modern fraud landscape by implementing stronger online identity verification to keep people safe in 2021 and beyond.

Leveraging biometrics to keep fraudsters out

The 36 billion records breached in 2020 will open the door for account takeover attacks via credential stuffing — a type of cyberattack where automated bots use exposed account credentials to gain unauthorised access to user accounts. As 71% of accounts are protected by passwords used on multiple websites, credential stuffing will become the top global cybersecurity threat as attacks will be successful in gaining access to multiple accounts which include bank and investment accounts. Once logged in, users can change passwords, steal benefits, transfer funds and lock the real user out. Traditional authentication methods (e.g., knowledge-based authentication and the common password) will no longer be relied on to keep accounts protected. In 2021, banks and financial organisations will look to stronger forms of biometric-based authentication to keep user data secured and out of the hands of fraudsters.

Eliminating AI bias for fairer decisions

There are many ways that AI can be leveraged in the financial services industry. One important use case is in the document-centric identity proofing space whereby identification documents, such as a passport or a driver’s licence, are matched with a selfie of the user to connect real and virtual identities. This will be an essential area of focus for financial services companies as they look to confirm that users are who they claim to be online when the physical branch is diminishing. 

However, it’s important to consider that by 2022, more than 95% of RFPs for document-centric identity proofing will contain clear requirements regarding minimising demographic bias, an increase from fewer than 15% today. Therefore, to leverage AI successfully, financial services companies must address the inherent bias in AI-based systems to ensure they will make fair and informed decisions on matters such as loan approvals. 

While the topic of AI, data and ethnicity is not new, it must come to a head in 2021. According to researchers at MIT who analysed imagery datasets used to develop facial recognition technologies, 77% of images were male and 83% were white, signalling to one of the main reasons why systematic bias exists in facial recognition technology. In 2021, guidelines will be introduced to offset this systematic bias. Until that happens, banks and financial organisations using facial recognition technology should be asking their technology providers how their algorithms are trained and ensure that their vendor is not training algorithms on purchased data sets. 

The coronavirus pandemic in many ways has served as a much-needed cause for acceleration of digital transformation in the financial services space. However, while many have been able to support customers in this new online world, new challenges have come to the forefront more clearly. Indeed, 2020 reiterated that basic verification and authentication measures are vulnerable to a range of security threats and need to be enhanced. Now is the time to invest in the right methods to reduce the risks of cybercrime and ensure customers are operating in a safe online banking environment.